Blog / link analysis
The lessons crime analysis has for machine learning and fraud
Mairtin O'Riada, Chief Intelligence Officer of Ravelin, discusses the how the lessons learned in crime analysis are now being applied in online fraud detection and expressed through machine learning.
When the First Cold War ended in the early 1990’s, people in the West began to focus more on problems at home – especially crime. Crime was at the crest of a wave, with each year breaking the record for the highest ever rates on both sides of the Atlantic.
It was no longer practical to investigate each and every crime – there were too many, and resources too limited. Law enforcement officials started to look at alternative methods of policing. One of the most significant innovations in modern policing started to gain traction. This was crime analysis.
The crime analyst was different from a detective. They had no gun, no badge, no power of arrest. No car, no uniform, no truncheon.
What they did have was data. And data was the tool they used to combat crime.
Combatting crime (in the abstract noun sense) is not quite the same as solving a specific crime. Combatting might mean detecting, predicting and preventing crime – and in practice crime analysts worked best when they focused on these activities. After all, solving individual crimes was a detective’s job.
Logic: deductive and inductive
Before crime analysis, crimes were usually tackled with deductive logic. A simplistic example: John Burglar’s fingerprints were found at the burglary scene – John Burglar is a likely suspect. This approach depended on painstaking evidence gathering, and was completely geared towards securing convictions.
The crime analyst’s approach was different. Crime analysis focuses on inductive reasoning – where information is used to draw an inference not immediately deducible from the pillars of the argument. Another simplistic example: burglary crime rises significantly in a certain area whenever John Burglar is out of prison, although there’s no actual evidence to link John Burglar to a specific crime. Seemingly unconnected events give rise to a lead that would otherwise not be noticed.
Pragmatism: what makes a real difference?
Another important difference is that the missions were subtly different. The detective wants to catch the criminal, but the analyst wants to reduce burglary.
Crime analysis is pragmatic enough to recognise that displacement – making it difficult to commit crime in an area, for example by using better street lighting; or friction – making it harder to commit a crime successfully, for example by restricting parking around the jewellery district – are both worthy because they will lower crime.
Inductive reasoning – crime analysis – was revolutionary. By using the masses of data available to police and government, analysts were able to expose new leads, highlight crime hotspots, predict crime trends and warn about emerging threats.
And so we come to payment fraud detection – another child of the 1990’s. The methods of tackling online fraud mirror the development of law enforcement techniques quite nicely.
Payment fraud: the deductive approach
The first approach in tackling payment fraud – and still by far the most common in use today –was to use deductive logic. From blacklists to automated rule engines, these are examples of deductive reasoning at work. Certain fraudulent characteristics are met – the order is blocked. Introduce humans to help the process. Very costly. Automation and streamlined workflows have been the optimisation methods, but anyone who’s ever suffered from a false positive will know their limitations.
The problem with this approach is that it mimics the process of deduction without the benefit of real evidence. It is a failed police state: there are lots of “police” (big fraud teams), the prisons are full (of false positives), but unlike a functional police state, there is still lots of crime (fraud, or chargebacks).
Machine learning: inductive reasoning automated
So is there any way to bring the inductive reasoning revolution to fraud detection? Yes. Machine learning is the answer. At its best, ML mimics the analytical process by drawing inferences from seemingly unrelated characteristics or “features” – potentially thousands of them – that a “detective”, meaning a human driving a deductive approach, simply cannot - read more about this here.
Machine learning is so useful, and so effective at this that it has begun to complement (or even replace) intelligence analysts in forward thinking crime agencies. Predictive crime mapping, correlating local thefts to wholesale commodity prices and so on are real world examples. Fraud is no different. One of the reasons we are so enthusiastic about machine learning at Ravelin is that it is such a suitable candidate for the problem we work on – fraud detection.
As the Chief Intelligence Officer at Ravelin – and a former intelligence analyst – I am concerned that our machine learning approach must also inherit the pragmatism of crime analysis. We must acknowledge that there is an explicit balance between fraud prevention and false positives. There will always be some fraud getting through. Trying to stop all fraud will inevitably mean stopping a large number of good orders too so a balance needs to be reache. We need to always bear in mind that disrupting the patterns of fraud is the goal - not stopping every single incident.
While I don’t claim that crime analysis and inductive reasoning alone have led to the major reductions in crime seen across the western world since the 1990’s, I am very excited indeed about being at the forefront of the introduction of these inductive techniques to fraud detection. Neural nets are an area of particular focus at the moment and probably represent the best expression of inductive logic in computing we currently have. It is a hugely exciting time to be working in fraud and it is a privilege to shape what comes next.